bbs.hsiao.net 交流論壇

A space to build your networks 一片讓您建立您人脈的天地
http://bbs.hsiao.net/

Generate CA key and Certificate

http://bbs.hsiao.net/viewtopic.php?t=1026

Page 1 of 1

Generate CA key and Certificate

Posted: Mon Apr 25, 2016 5:59 pm
by cah
Here are the steps to generate CA key and to remove the passphrase.

1. Generate the key with a temp passphrase:

Code: Select all

/usr/local/ssl/bin/openssl genrsa -des3 -out hsiao_net.key 4096
2. Remove the passphrase (need the above temp passphrase)

Code: Select all

/usr/local/ssl/bin/openssl rsa -in hsiao_net.key -out hsiao_net_no_passphrase.key
3. Replace the CA key with the no passphrase key

Code: Select all

mv hsiao_net_no_passphrase.key hsiao_net.key
4. Generate the root certificate

Code: Select all

# openssl req -new -x509 -sha256 -days 3650 -key hsiao_net.key -out hsiao_net.crt
Country Name (2 letter code) []:US
State or Province Name (full name) []:California
Locality Name (eg, city) []:Thousand Oaks
Organization Name (eg, company) []:Hsiao's Inc.
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:www.hsiao.net
Email Address []:cah@hsiao.net
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited